Skip to content
Shibboleth IdP container designed for standalone use
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
.gitignore first try Mar 20, 2017
BINSCRIPTS.md first try Mar 20, 2017
Dockerfile first try Mar 20, 2017
Jenkinsfile removing test phase Mar 20, 2017
README.md Correcting syntax of command to run with bind mount Mar 10, 2017
common.bash first try Mar 20, 2017

README.md

Supported tags and respective Dockerfile links

TBD

What is Shibboleth IdP?

Shibboleth is among the world's most widely deployed federated identity solutions, connecting users to applications both within and between organizations. Every software component of the Shibboleth system is free and open source.

Shibboleth is an open-source project that provides Single Sign-On capabilities and allows sites to make informed authorization decisions for individual access of protected online resources in a privacy-preserving manner.

How to use this image

Since no two users of Shibboleth IdP are likely to configure it exactly alike, this image does not come with any default configuration.

Acquire Oracle Java

You should visit a page similar to this one at Oracle to download the Oracle JDK.

Select the Linux x64 RPM and agree to the Oracle Binary Code License Agreement.

Acquire JCE

You should visit a page similar to this one at Oracle to download the Oracle Java Crypography Extension policy files.

Create a Dockerfile

FROM tier/shibboleth_idp:3.3
COPY jdk-8u121-linux-x64.rpm /tmp/oracle_jdk.rpm
COPY jce_policy-8.zip /tmp/$oracle_jce_zip

Common additional sample configurations may include:

COPY server.xml /usr/local/tomcat/conf/
COPY krb5.conf /etc/

Build the container

$ docker build -t my-shibboleth-idp .

Test the configuration file

CAN THIS BE DONE? [jvf]

$ docker run -it --rm --name shibboleth-idp-test-run my-shibboleth-idp /usr/local/tomcat/bin/startup.sh

Run using a bind mount to share secrets

$ docker run -d --name my-running-shibboleth-idp -v /path/to/shibboleth_idp/certs:/opt/certs my-shibboleth-idp

Note that your host's /path/to/shibboleth_idp/certs folder should contain... TBD.

You may need to publish the ports your Shibboleth IdP is listening on to the host by specifying the -p option, for example -p 8080:80 to publish port 8080 from the container host to port 80 in the container. Make sure the port you're using is free.

Reloading config

TBD

N.B. that if every config file were on the bind mount, a REHUP of the container would work, but with the files scattered about the filesystem / unspecified....

License

Supported Docker versions

User Feedback

Issues

Contributing

Documentation

You can’t perform that action at this time.